Critical Zero-Day Vulnerability found in 64 bit version of Windows 7

webDEViL,a Security Researcher from Secunia discovered a new Zero-day vulnerability in 64 bit version of Windows 7 that allows an attacker to compromise the vulnerable machine.

A Researcher w3bd3vil shared a tweet in Twitter that he discovered a vulnerability that a method for exploiting the vulnerability by simply feeding an iframe with an overly large height to Safari.

"The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory via e.g. a specially crafted web page containing an IFRAME with an overly large "height" attribute viewed using the Apple Safari browser.

Successful exploitation may allow execution of arbitrary code with kernel-mode privileges." Secunia report says.

Category: / /

Share this with Your friends: